View
215
Download
1
Tags:
Embed Size (px)
Citation preview
1
Record Management
Medical Center Administrative GroupFall Symposium
November 15, 2000
University Audit
2
Office of University Audit
Salim M. Alani, Director
ext. 5-2291
Sandra E. Dano, Auditor
ext. 5-1100
website: http://listener.uis.rochester.edu/audit/
3
Office of University AuditOrganizational Chart
M an ag er M an ag er M an ag er
D irec to rO ffice o f U n ive rs ity A u d it
S en io r V ice P res id en tfo r A d m in is tra tion an d F in an ce
an d C h ie f F in an c ia l O ffice r
P res id en t
B oard o f Tru s tees(A u d it C om m ittee )
S en io rA u d ito r A u d ito r A u d ito r
4
Mission Statement
To provide audit and advisory services to the University Community by assessing risks, analyzing controls, and ensuring that business practices are effective, efficient, and compliant with University and regulatory policies.
5
Records Management Topics
What are Records Proper Treatment of Confidential Records
– security over storage, limiting access, transporting, faxing, legislation
Compliance Issues Destruction of Records Petty Cash Funds
7
What are Records?
The records we’re talking about in today’s presentation are collections of items of data and information.
8
Records may be on: computer-stored files paper notes, forms and
reports x-rays drawings photographs video or sound tapes microfilm/microfiche e-mail electronic imaging
9
Confidential Records Include:(but are not limited to)
social security numbers salary information information about patients and their care student grades employee performance evaluations
10
Confidential Records
Must be stored to protect confidentiality.
- locked drawer, cabinet, office
Access is limited to appropriate users.
- legitimate business purpose; need to know basis
Secure records sent to other areas.
- lock totes, seal envelopes
Exercise caution when faxing data.
- consider adding a disclaimer to your cover page
11
Health Insurance Portability and Accountability Act (HIPAA)
Access of patient information is to be limited to the minimum necessary to perform specific jobs.
Protection of health care information to ensure privacy and confidentiality when health information is electronically stored, maintained or transmitted.
12
New York State Bill A09965
This is an act to amend the education law. It prohibits the use of social security
numbers as student identification numbers. It was passed into law and will go into
effect on July 1, 2001.
14
Factors to Consider for Retention Periods:
University policies external compliance requirements optimizing use of space minimizing the cost of retention preserving the history of the University audit or enforcement proceeding where the
records need to be kept
15
Risks and Costs of Excess Retainage Periods
If the records are stored in an outside facility, then expenses are incurred for this storage.
If the records are stored internally, there are staff costs to consider for the time it takes your employees to sort through, maintain and move around the records.
There are opportunity costs for the internal space used to store the excess records.
16
Risks and Costs of Excess Retainage Periods
Holding onto records for extended periods of time can expose the University to undue risk.
Rights of access are extended beyond the legally required periods, if the records are retained, and last as long as the records are retained.
17
Destruction of Records
Historic value to UR?
Non-sensitive material
Sensitive Information disposal without confidential status being compromised
18
Destruction of Confidential Records
Paper Shredders– small volumes of paper records– can be done in each office
Autoclave– large volumes or heavy paper records– call MC Housekeeping/Environmental Services
at 5-3666 to request pickup of records– follow records through to actual destruction
20
Petty Cash Funds
Collect original receipts when paying out of fund. Receipts plus cash on hand must equal the total fund amount.
Account for food purchases and human subject payments in accordance with UR policies.
Properly secure this fund in a locked cash box, which is kept in a locked desk or cabinet (or a safe for large amounts).